kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   7df24046a1510e64670d278fbacd785c50635908
  2.   patches.suse
  3.   0761-drm-amdgpu-set-ip-specific-ras-interface-pointer-to-.patch
Blob Blame History Raw 
From d094aea312580f12232b546523dae20f54445469 Mon Sep 17 00:00:00 2001
From: Hawking Zhang <Hawking.Zhang@amd.com>
Date: Tue, 3 Sep 2019 03:16:47 +0800
Subject: drm/amdgpu: set ip specific ras interface pointer to NULL after free
 it
Git-commit: d094aea312580f12232b546523dae20f54445469
Patch-mainline: v5.5-rc1
References: bsc#1152489

to prevent access to dangling pointers

Signed-off-by: Hawking Zhang <Hawking.Zhang@amd.com>
Reviewed-by: Tao Zhou <tao.zhou1@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Acked-by: Thomas Zimmermann <tzimmermann@suse.de>
---
 drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c   | 7 +++++--
 drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c   | 8 ++++++--
 drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 +++-
 drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c  | 4 ++++
 drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c  | 8 ++++++--
 5 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c b/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c
index 196a14236445..e40c34d30bd4 100644
--- a/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c
+++ b/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c
@@ -4444,14 +4444,17 @@ static int gfx_v9_0_ecc_late_init(void *handle)
 		r = amdgpu_irq_get(adev, &adev->gfx.cp_ecc_error_irq, 0);
 		if (r)
 			goto late_fini;
-	} else
-		kfree(adev->gfx.ras_if);
+	} else {
+		r = 0;
+		goto free;
+	}
 
 	return 0;
 late_fini:
 	amdgpu_ras_late_fini(adev, adev->gfx.ras_if, &ih_info);
 free:
 	kfree(adev->gfx.ras_if);
+	adev->gfx.ras_if = NULL;
 	return r;
 }
 
diff --git a/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c b/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c
index f1300d5f4f87..ba149554b508 100644
--- a/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c
+++ b/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c
@@ -799,8 +799,11 @@ static int gmc_v9_0_ecc_late_init(void *handle)
 		r = amdgpu_irq_get(adev, &adev->gmc.ecc_irq, 0);
 		if (r)
 			goto umc_late_fini;
-	} else
-		kfree(adev->gmc.umc_ras_if);
+	} else {
+		/* free umc ras_if if umc ras is not supported */
+		r = 0;
+		goto free;
+	}
 
 	if (adev->mmhub_funcs && adev->mmhub_funcs->ras_late_init) {
 		r = adev->mmhub_funcs->ras_late_init(adev);
@@ -812,6 +815,7 @@ static int gmc_v9_0_ecc_late_init(void *handle)
 	amdgpu_ras_late_fini(adev, adev->gmc.umc_ras_if, &umc_ih_info);
 free:
 	kfree(adev->gmc.umc_ras_if);
+	adev->gmc.umc_ras_if = NULL;
 	return r;
 }
 
diff --git a/drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c b/drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c
index ab6559a2d5e8..9916a333d9dc 100644
--- a/drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c
+++ b/drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c
@@ -639,8 +639,10 @@ static int mmhub_v1_0_ras_late_init(struct amdgpu_device *adev)
 	mmhub_ih_info.head = mmhub_fs_info.head = *adev->gmc.mmhub_ras_if;
 	r = amdgpu_ras_late_init(adev, adev->gmc.mmhub_ras_if,
 				 &mmhub_fs_info, &mmhub_ih_info);
-	if (r || !amdgpu_ras_is_supported(adev, adev->gmc.mmhub_ras_if->block))
+	if (r || !amdgpu_ras_is_supported(adev, adev->gmc.mmhub_ras_if->block)) {
 		kfree(adev->gmc.mmhub_ras_if);
+		adev->gmc.mmhub_ras_if = NULL;
+	}
 	return r;
 }
 
diff --git a/drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c b/drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c
index 27eeab143ad7..f25c6a9c6718 100644
--- a/drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c
+++ b/drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c
@@ -507,6 +507,9 @@ static int nbio_v7_4_ras_late_init(struct amdgpu_device *adev)
 		r = amdgpu_irq_get(adev, &adev->nbio.ras_err_event_athub_irq, 0);
 		if (r)
 			goto late_fini;
+	} else {
+		r = 0;
+		goto free;
 	}
 
 	return 0;
@@ -514,6 +517,7 @@ static int nbio_v7_4_ras_late_init(struct amdgpu_device *adev)
 	amdgpu_ras_late_fini(adev, adev->nbio.ras_if, &ih_info);
 free:
 	kfree(adev->nbio.ras_if);
+	adev->nbio.ras_if = NULL;
 	return r;
 }
 
diff --git a/drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c b/drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c
index 4aabb0d9bae5..5e759a877fdf 100644
--- a/drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c
+++ b/drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c
@@ -1728,14 +1728,18 @@ static int sdma_v4_0_late_init(void *handle)
 			if (r)
 				goto late_fini;
 		}
-	} else
-		kfree(adev->sdma.ras_if);
+	} else {
+		/* free sdma ras_if if sdma ras is not supported */
+		r = 0;
+		goto free;
+	}
 
         return 0;
 late_fini:
 	amdgpu_ras_late_fini(adev, adev->sdma.ras_if, &ih_info);
 free:
 	kfree(adev->sdma.ras_if);
+	adev->sdma.ras_if = NULL;
 	return r;
 }
 
-- 
2.28.0
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.